| < rra-c-util 9.0 | Russ Allbery > Eagle's Path > March 2021 | faq2html 1.36 > |
pam-krb5 is a relatively simple Kerberos PAM module with no dependencies on larger infrastructure such as sssd.
This is a small bug-fix release that fixes a possible double-free if
krb5_cc_get_principal fails on the newly-acquired ticket cache
during authentication. I am dubious this is exploitable because this
temporary ticket cache should not be under the control of an attacker, but
I'm putting out a release just in case. Thanks to Michael Muehle for the
report.
You can get the latest release from the pam-krb5 distribution page.
Posted: 2021-03-20 13:34 — Why no comments?
| < rra-c-util 9.0 | Russ Allbery > Eagle's Path > March 2021 | faq2html 1.36 > |